Vulnerability Disclosure Form
-
TotalEnergies CERT is the Computer Emergency Response Team responsible for coordinating the incident response and cybersecurity assessment across TotalEnergies Company entities and TotalEnergies Company affiliates. For more information, see the description of TotalEnergies CERT in compliance with the RFC 2350 (456eb6c07f339e9e350a9e5e48fe3de5ab4a256073704d0ecb82745b6e6b3a9e).
-
The form below allows you to notify us about a vulnerability in one of our assets (TotalEnergies and one of our affiliates or join-ventures). TotalEnergies’ responsible disclosure policy is available here (761c07cef8d891978dfd2bbda9971a3e71168ccb4e1b59bc05ba459fc1783e8d).
-
Shall you need to notify us about an information security incident or a cyberthreat targeting or involving our perimeter, please contact us at: contact[at]cert.total. However, no vulnerability disclosure will be considered, please use the following form for that. If you need to send us information in a secure manner, please use our PGP key which ID is 0xB2F5B2F5D0E4AE28 and fingerprint is 0x2C2D5AEB78C73E1C95EB428FB2F5B2F5D0E4AE28.